enable oauth proxy

cedricve · cedricve · commit 0cee9420cc47 · 2025-03-07T17:05:13.000+01:00
diff --git a/charts/hub/Chart.yaml b/charts/hub/Chart.yaml
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.80.0
+version: 0.81.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
diff --git a/charts/hub/templates/admin/oauth2-proxy.yaml b/charts/hub/templates/admin/oauth2-proxy.yaml
@@ -28,4 +28,69 @@ spec:
     - hosts:
         - "{{ .Values.admin.url }}"
       secretName: 
-{{- end }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: oauth2-proxy-admin
+  namespace: kube-system
+  labels:
+    k8s-app: oauth2-proxy-admin
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      k8s-app: oauth2-proxy-admin
+  template:
+    metadata:
+      labels:
+        k8s-app: oauth2-proxy-admin
+    spec:
+      containers:
+        - args:
+            - --provider=github
+            - --email-domain=*
+            - --upstream=file:///dev/null
+            - --http-address=0.0.0.0:4180
+            - --skip-auth-preflight=true
+          env:
+            - name: OAUTH2_PROXY_CLIENT_ID
+              value: "{{ .Values.admin.oauth2Proxy.github.clientId }}"
+            - name: OAUTH2_PROXY_CLIENT_SECRET
+              value: "{{ .Values.admin.oauth2Proxy.github.clientSecret }}"
+            - name: OAUTH2_PROXY_COOKIE_SECRET
+              value: "{{ .Values.admin.oauth2Proxy.github.cookieSecret }}"
+            - name: OAUTH2_PROXY_GITHUB_ORG
+              value: "{{ .Values.admin.oauth2Proxy.github.organization }}"
+            - name: OAUTH2_PROXY_GITHUB_TEAM
+              value: "{{ .Values.admin.oauth2Proxy.github.team }}"
+          image: quay.io/oauth2-proxy/oauth2-proxy:latest
+          imagePullPolicy: Always
+          name: oauth2-proxy
+          ports:
+            - containerPort: 4180
+              protocol: TCP
+          resources:
+            limits:
+              cpu: 100m
+              memory: 50Mi
+            requests:
+              cpu: 100m
+              memory: 50Mi
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    k8s-app: oauth2-proxy-admin
+  name: oauth2-proxy-admin
+  namespace: kube-system
+spec:
+  ports:
+    - name: http
+      port: 4180
+      protocol: TCP
+      targetPort: 4180
+  selector:
+    k8s-app: oauth2-proxy-admin
+{{- end -}}
